On (05/09/17 14:32), Sam Weston wrote: >We've been using SSSD with our AD domain (please forgive the domain name...) >with the following config on Ubuntu 16.04 for a year or so, with no problems >at all. Joined to the domain with realmd. > >[sssd] >config_file_version = 2 >reconnection_retries = 3 >services = nss,pam >domains = SMALLBUSINESS.LAN >[nss] >[pam] >[domain/SMALLBUSINESS.LAN] >access_provider = ad >ad_domain = SMALLBUSINESS.LAN >ad_gpo_access_control = permissive >cache_credentials = True >default_shell = /bin/bash >fallback_homedir = /home/%u >id_provider = ad >krb5_realm = SMALLBUSINESS.LAN >krb5_store_password_if_offline = True >ldap_id_mapping = True >realmd_tags = manages-system joined-with-samba > >However recently we've had a lot of problems with people being unable to login >when not connected to the network. This is with the handful of Ubuntu 17.04 >machines I've started to roll out (SSSD 1.15.2 rather than 1.13.4 on 16.04). > >After spending about a day reading up and trying every configuration under the >sun, I've found that the password doesn't appear to be cached on the 17.04 >machine. If I run "ldbsearch -H /var/lib/sss/db/cache_SMALLBUSINESS.LAN.ldb >"(&(objectClass=user)(cachedPassword=*))" name gidNumber cachedPassword" on my >machine I get no results, but I get results on the working 16.04 machine. > >I'm at my wits' end with this, so any suggestions you've got will be much >appreciated! >
Cached password works for me with 1.15.x. It would be good if you could provide minimal reproducer or at least related sssd log files with hight debug level when bug occurs. https://docs.pagure.org/SSSD.sssd/users/troubleshooting.html LS _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
